A Case Study in Phishing

A few days ago I received this email. I thought it was an excellent example of a phishing attack. If you’ve never heard of it before, phishing is a process where a bad guy sends you an email that looks legitimate in hopes that you’ll click on the link and give information to him that he can use to somehow screw you over or steal your money.

Here’s the email. Click to enlarge.



In this case, they’ve created an email that looks a lot like it came directly from Apple. It’s got the Apple Logo and the YouTube logo and, on first glance, looks official. It informs me that I’ve subscribed to YouTube Red for $149.99/month and it gives me a handy link to unsubscribe. There be the dragons. If I were to click on that link–I didn’t–it would ask me for my iTunes login or my credit card (or both), and then the bad guys would have my information. Game over.

The first tool you need in fighting Spam is common sense. YouTube Red does not cost $149.99/month, and a simple search will tell you that. If there is any question, also take a closer look at the details. The sender lists their name as “App Store” but disclosing the actual email address; it’s “noreply11@fillappealform.com”. Does that really sound like an address Apple would send you to confirm a subscription? Also, it lists “Payment Method” as “By Card”, not the usual xxxx-xxxx-1234 you usually see. It also creates this sense of urgency, explaining I’m on a free trial but I will be charged $150 in just two days if I don’t act. While I can see how this email may fool some people, on the barest scrutiny, it starts looking shady.


Screen Shot 2018-02-28 at 9.27.27 AM.png

If you ever find yourself tempted to click on any link in an email that involves a problem or access to any of your online accounts, stop and think for a moment. Then go to the source website itself and check. In this case, logging onto my iTunes account would show that I have not, nor have I ever, signed up for a YouTube Red subscription.

Finally, there’s nothing wrong with proving yourself wrong on this stuff. I recently got a “credit card expired” email from Squarespace. Rather than clicking on the link, I went and logged into my account and discovered that my credit card had, in fact, expired. Better safe than sorry.

Want to learn more? I wrote a book about email.

My Blogging Workflow

I have received a lot of questions asking precisely what my workflow is for getting blog posts up. The whole process is a bit more complicated than it probably should be but here goes:

 

Step 1 — Choose a Topic

The first thing I need to do for a significant post is choose a topic. For a long time, I kept a list of topics in OmniFocus, but at the end of the day, that’s not the best place for them. Then, for a while, I kept the list in Apple Notes, but ultimately I added a category in Ulysses under the “Blog” project called “Ideas”. There is a series of very short notes in that folder that could be a single word or a few sentences about an idea for a blog post that I may want to write someday. This one was called “Explain a Post” and had been sitting in the Ideas folder for about four months. Once a week, usually Saturdays, I look through the list and pick two or three notes with the same strategy used when buying cheese: pick something interesting and different but not too smelly or old. 

 

Step 2 — Mind Map

If the idea is going to need some planning, which in my mind is any post of four paragraphs or more, I start a MindNode mind map on the post. It will start with just a few nodes, but I will let the idea cook over a week or so, occasionally stepping into MindNode and adding things that my subconscious comes up with. (I thought of that clever part in the previous paragraph concerning cheese while actually buying cheese.) After about a week, I’m usually ready to start writing. 

 

Step 3 — Move the Cursor from Left to Right

Now comes the hard part of moving the cursor across the page. If I’m typing the article, I will go ahead and do that right in Ulysses, but I move the Ulysses note from “Ideas” to “Cooking”. I usually block a few hours every Saturday afternoon to do some writing for the blog, and in those cases, I will do most of the writing with dictation. For dictation, I use Dragon for Mac or Dragon Anywhere on iOS, which I’m doing right now. As an aside, when using Dragon for Mac to write stories, I do it in TextEdit, which works swimmingly with Dragon’s voice commands. When I dictate, I just dictate the first draft. I don’t do a lot of edits with my voice but instead move the text to the Ulysses “Cooking” folder where I review and edit it via the keyboard.



Either way, I continue banging away at it until I’m more or less happy.



 

Step 4 — Grammarly To the Rescue

Last year I bought a subscription to Grammarly. I was never a fan of computer-based grammar checkers until I signed up for a trial with Grammarly. The service works better than I expected. I was hesitant to pay the annual subscription fee, but when I considered the fact that I pay for my shoes with words, it made the cost easier to digest. All significant posts get run through Grammarly after I finish writing them. If you ever want to know which posts don’t go to Grammarly, they are the ones with typos.



 

Step 5 — Rest

After I finish this process, I put the corrected text out of Grammarly and back in Ulysses, and I give it a day. Waiting 24 hours to come back and do an additional reading of the post always makes it better.

 

Step 6 — Add Links

Towards the end of the process, I go ahead and add links to the post. I usually do this using this clever Keyboard Maestro script if I’m on the Mac. It isn’t much more difficult with Ulysses on iOS. If there are links to products, I use Affiliate on Mac or Blink on iOS to add affiliate links.

 

Step 7 — Send to Editor

I have a good friend who reviews my more significant posts for me, makes any corrections that I missed, and then sets up the post for publication in Squarespace. To pull this off, I export the document from Ulysses in rich text format and send the file through a card in Trello. I have a template project in Trello for just this purpose, so if there is anything unique with the tags or the images, I can add it to the Trello checklist. It’s only in the last year that I asked someone to make this last pass and handle the Squarespace setup. Now that I see how useful it is, I wish I had done it sooner.



Step 8 — Publication

Once my editor finishes the review and sets up the post, I go through and read it one last time in Squarespace and set the publication dates. If I’m really on my game, I will even get a link to Twitter once the post publishes. We have this big group for the Mac Power Users on Facebook, but I rarely have the guts to post a link there.

Obviously, not every post goes through all eight steps, but my best posts do.

Clean Your Mac Safely with CleanMyMac 3 – Sponsor



1.3-Smart-Cleanup-Scan-Results.png


I’m pleased to welcome a new sponsor to MacSparky, MacPaw, makers of CleanMyMac, an app that I’ve used on my Macs for years now. 

According to a study, people waste a full working week every year due to slow computers. It’s the same as losing your hard-earned 7-day vacation. Who would ever agree to that? What’s more striking, is how little it really takes to fix it and make your slow Mac work right. This is where CleanMyMac 3 kicks in. And here are a few reasons to give this native Mac app a chance. 

CleanMyMac speeds up your macOS performance with maintenance scripts. What they do is remove temporary items, optimize system libraries so your Mac feels and works smoother.
It removes up to 74 gigs of junk on an average Mac. Yeah, you can delete files on your Mac yourself, but it’s those large invisible files that are the main burden. System junk, pieces of old apps, outdated, broken items and so on.

Have you ever wondered why a new Mac that is straight from the store works so slick and fast? Right. It’s because it is clean, so wiping all the months-old garbage does translate into speed. So try it on your Mac, just as an experiment. 

I know some people are nervous about about these types of tools. CleanMyMac does it right. It performs a complete audit of your Mac and let’s you see and approve everything it intends to do before it makes any changes. I first bought CleanMyMac years ago and I’ve been running it regularly with no problems. You can speed up your Mac too with CleanMyMac 3. Best of all, to celebrate their sponsorship of MacSparky, you’ll beg 20% off with the links in this post until March 8. So what are you waiting for? Go clean your Mac.



13.1-Dashboard-Usual-State.png


Mac Power Users 419: iOS Settings



Mac Power Users Artwork.png


There are hundreds of settings buried within iOS. In this week’s podcast, we talk through some of our favorite options and settings for tweaking iOS.

This episode of Mac Power Users is sponsored by:

  • Squarespace: Make your next move. Enter offer code MPU at checkout to get 10% off your first purchase.
  • Mac Gurus: Helping people and businesses unlock the hidden potential of Macs. Use this link for 25% off.
  • 1Password: Have you ever forgotten a password? Now you don’t have to worry about that anymore. Save up to 20% using this link.
  • Fracture: Bring your photos to life.

 

Overcast versus Apple Podcasts

For years I’ve been using Overcast as my primary podcasting app. However, I have recently upgraded my car stereo to an Apple CarPlay stereo and purchased an Apple HomePod. Because of this, I was interested in using the Apple Podcasts app again, primarily because of its Siri integration. So for the last few weeks I’ve been using Apple Podcasts, but this morning I switched back to Overcast. Here are a few reasons why and things I learned along the way:

Siri Integration is Useful

Siri integration works pretty swell with the Apple Podcasts app. If I say, “Hey Siri, play podcast Mac Power Users,” it starts right up and plays the most recent episode (usually … see below). That worked both with my HomePod and in my car. Starting a podcast with your voice is pretty great. I had no instance where Siri played the wrong podcast. 

However, Siri got the right podcast but the wrong episode a couple of times. For some reason, it would start playing last week’s episode instead of this week’s episode. The first note on this is that despite talking to Siri at length, I never figured out how to tell Siri to change to a different episode. If I said, “Next episode,” it played the next older episode. But when it started lower in the stack, I couldn’t figure it out. When I checked in the Podcasts app, the current episode was available, and Siri just started one further down in the stack. I never worked out how to fix this with Siri-initiated playback. This happened twice in the two weeks during which I listened to approximately 20 podcasts. 

Regardless, Siri integration remains, in my opinion, Apple Podcasts’ killer feature. I sure hope Apple expands Siri to let third-party audio sources, such as podcast players and music services, use this feature. It would make Siri a lot more useful to a lot more people.

The Apple Podcasts App Needs Work

I hadn’t spent serious time with the Apple Podcasts app in several years, and while it is better, the Apple Podcasts app is still kind of a mess. It shows your subscribed shows, but it doesn’t easily let you set playlists. The controls, once you start a podcast, are not intuitive. When I tried to set the play order of multiple podcasts, it gave me constant dialogue boxes. Synchronizing my play position between devices was also slower than I expected for an Apple application.

Apple Podcasts also doesn’t include a lot of the additional features you find in third-party podcast players such as Overcast’s ability to remove dead air between speakers and more granular ability to change the playback speed of the podcast. (The Apple Podcasts app can speed up or slow down just at increments of 0.5x, 1x, 1.5x, and 2x.)

There were also some strange choices made by Apple Podcasts while playing podcasts through a CarPlay device. The next track and previous track buttons on Overcast let you skip forward or backward 30 seconds on the podcast that is playing. If my mind drifts and I miss something good, I like the ability to easily rewind. Apple Podcasts uses those buttons to skip to the next podcast or entirely back to the beginning of the existing one. I realize that is a design choice, but for the way I listen to podcasts, it’s the wrong one.

We Need AirPlay 2

I often listen to podcasts while doing trivial work at my desk. With this experiment, I was spoiled by listening to podcasts through the HomePod, triggering them with Siri. They sound so much better. Switching back to Overcast, I tried to AirPlay from my phone to the HomePod and found it a lousy experience. I don’t mind the few seconds delay in establishing the connection. What I couldn’t stand was the way it would occasionally drop off and cut off the audio. This made podcasts unlistenable from Overcast to the HomePod. It looks like I’m back to the Overcast website on my Mac until AirPlay 2 shows up.

Overall

Starting your favorite podcast with Siri is a great feature, and I took to it quickly. However, all the other baggage that came with the Apple Podcasts app ultimately pushed me back to Overcast. While going through the experiment, I asked myself what were the minimum features I needed from the Apple Podcasts app in order to stick it out. I think I could have put up with the loss of Overcast Smart Speed and even lived with Apple’s goofy decision about CarPlay implementation. The real dealbreakers for me were the user interface in the Apple Podcats app combined with the occasional problem with it playing the wrong episode of a show.

Ultimately, what I’d prefer is for Apple to expand Siri for third-party audio apps so we don’t have to make these kinds of choices.

Alto’s Odyssey Ships

While I’ve never been a particular fan of endless runner games, Alto’s Adventure really grabbed me. I’m certain it’s the iPhone game I’ve logged the most hours playing. There is something special about it because it’s fun and challenging while at the same time … for lack of a better word … peaceful. The graphics and music are both wonderful. I find it very relaxing snowboarding and jumping. Even when I crash, it doesn’t feel so bad.

Today we get the sequel, Alto’s Odyssey. I’ve only spent 15 minutes with it but it’s just as fun and relaxing as the original. The gameplay is very similar but it looks like there are additional features as I get deeper and I’m looking forward to slowly unlocking them all. 

Alto’s Odyssey is easy to pick up and doesn’t require you to make in-app purchases to enjoy. Control is just one finger on the screen. Give it try.

The Physical and Fiscal Benefits of the Apple Watch

Apple’s new Close Your Rings website is a good message and an excellent way to sell the Apple Watch. While I’m not particularly excited about any app using game theory to push my buttons, for the Health app I’m willing to make an exception. I’m more aware of my activity since I started wearing the Apple Watch than I’d ever been before. It’s because of those rings that I bike most places, often wake up an hour early to go on a hike, and even occasionally find myself marching up and down the stairs in my house in the evening just to make sure I get those extra 10 minutes of elevated heart rate. Don’t believe me? Look below.

Not only does this help my physical health, it also helps Apple’s fiscal health. Several times I’ve told friends about how I use the Apple Watch to track fitness, and it often ends with them nodding approvingly while saying something like, “Hmmm”. Then the next time I see them following a birthday or big holiday, they are wearing their very own Apple Watch.


IMG_7C3FEA394FF5-1.jpeg

The Hyper-Scheduling Experiment

For the last month, I have been conducting an experiment with more deliberate scheduling of my time. For lack of a better word, I have been calling it hyper-scheduling. 

Historically, I have kept two things in my calendar: 1.) appointments and 2.) big rock-style projects. For example, if I’ve been meaning to write a certain complicated client contract for a few days and it wasn’t getting done, I would set aside several hours in my calendar specifically for that project.

With this hyper-scheduling project, I have taken that to a different level. For instance, here is my schedule from a few days ago:

6:00 – Shower, shave, and meditate

7:00 – Bicycle to Starbucks

7:20 – Write Smith contract

9:20 – Review email and social media

10:00 – Write Field Guide

11:00 – Bicycle to bank, market, and home

11:45 – Lunch

12:15 – Capture “Flags”

13:00 – Legal Work

15:00 – Field Guide screencasting

17:00 – End of day email audit

17:30 – Daily shutdown 

21:00 – Jones call 

A few of these require further explanation. 

  • I have a cool bike that I use for most of my local transportation. Anywhere within five miles of my house, I am probably biking. (Hooray for California!) I have to build that time into the schedule. All the pedaling also helps me fill my rings.
  • Flag capture is the process of knocking down flagged tasks in OmniFocus. Every day I have 5-10 tasks that I have flagged to make sure I get done.
  • “Legal Work” is me working through OmniFocus tasks in my legal perspective that are not flagged. I don’t truly hyper-schedule time in that block of time for each specific task I’ll work on. When I set up the day, I am not even sure what I will be doing during that time except that it will be legal work. I just have a block set aside to make calls and get non-critical client work done.
  • One of the biggest advantages of this practice is the commitment I am making to spending time on the next MacSparky Field Guide. Before I started this experiment, there never seemed to be time to work on my books. Now it is built into the schedule.
  • Shutdown is a whole thing I do (which I will write about another day). Relevant to this post is that as part of that shutdown, I hyper-schedule the next day so I can wake up and hit the ground running.
  • Normally after I do the shutdown, I am done for the day. On this particular day, I had a conference call with a client in India so I had to get back on my horse later in the evening.
  • Not all of my days are this ideal. Some days I spend driving all over Southern California meeting clients or going to the dentist. The system still works on those days too.

After doing this for a month, I am sold. The extra work involved with planning the day gets paid off with interest in productivity the next day. 

A couple of things I have learned along the way with this experiment is to make sure and set up my schedule the night before. I am pretty sharp in the mornings, so I want to spend that time on client or creative work, not scheduling. Also, there is nothing wrong with setting a block of time as a commitment to types of work as opposed to a specific task, such as generally getting client work done as opposed to a specific client project.

Another thing is to accept that despite my planning, none of this is carved in stone. If a client calls in with a true emergency or I find out a friend is in the hospital, I can blow the daily plan up fairly easily. Because of the planning, on this day I knew I had about 45 minutes of flagged must-do tasks. If something came up, I would know that I need to find 45 minutes in the day to deal with the flags, and the rest could be scratched.

Most people who have thought a lot about calendars and planning preach that you must put space between events on a highly scheduled day. That is probably good advice, but a month in, I still haven’t done that and I am not feeling particularly bad about it.